WORDPRESS PLUGIN AUDIT
Let us clean house and remove abandoned, insecure plugins from your site and speed it way up in the process
WordPress Plugin Audit
WordPress is incredibly powerful, but that power necessitates some responsibility and maintenance to make sure things run smoothly and securely.
We've all been there: we're excited about our new WordPress site and all the flexibility it brings. Every time we have an idea, we just add a new plugin and the site has new functionality with minimal effort.
And that's all great, but if you keep doing this for years, what you end up with is dozens of plugins bogging down your website which may or may not even be needed. Some may have even been abandoned by their developers years ago and have since stopped working or, worse: become major security risks.
So for both performance and security reasons, it is very important to occasionally run a plugin audit to determine which plugins are needed and which can be removed.
What are WordPress Plugins?
WordPress plugins are add-ons to your WordPress site which can be used to add new functionality to your website. Common uses are to add contact forms to your site, e-commerce functionality, caching, or just about anything you can think of.
Thousands of plugins are available for free in the WordPress repository. It can be tempting to add dozens of these to try out all sorts of new features.
Others are available for a subscription fee. These are usually more complicated plugins that offer a valuable, niche purpose.
What happens with WordPress plugins over time?
Many plugins are popular and backed by active, quality development teams that will continue to update and support them for years or even decades to come.
Others - especially free plugins from the WordPress repository - may have been built by a single individual that may not have any interest in continuing to support the plugin beyond the initial launch.
The needs of a business also change over time, and what we see happen is that plugins will remain on a website even though their original purpose no longer exists. We often encounter clients that have countless inactive or unused plugins littering their website after years of additions.
While quality WordPress hosting is still absolutely necessary, even the best hosting in the world will eventually start to struggle under the weight of too many plugins.
Why do I need to periodically run a plugin audit?
There are several reasons you need to periodically run a plugin audit and remove unnecessary plugins. The main reasons are:
- Every plugin - including inactive plugins - creates a load on your hosting server. The more plugins you have, the slower your site will run.
- All plugins - once again including inactive ones but especially abandoned plugins - constitute some level of security liability and could potentially lead to getting hacked
- Administration of your website is much easier without the clutter of unnecessary plugins
You could think of it a bit like doing maintenance on your house. If you keep up with it, it's not that much work but it will save you money in the long run to avoid problems before they happen.
It also just feels nice to do a bit of Spring cleaning!
What does a plugin audit actually consist of?
When we perform a plugin audit, we are typically performing the following steps:
- Go through the full list of plugins and making note of which ones are inactive
- Run a scan to check each plugin and determine whether it has been abandoned or is still being actively developed
- Go through the active plugins and verify that all of them are actually in use and necessary
- Make a list of plugins which could easily be replaced with some simple code or a better method (this is often the case for redirection plugins or plugins that are being used to add code to the site)
- Present recommendations to the client for approval
- Backup the entire website, including files and database
- Perform recommended replacements
- Deactivate and delete unnecessary plugins
- Test website to ensure it is running smoothly, and run scans again to verify there are no issues
We find that after a plugin audit, clients often end up with fewer than half the plugins they once had, and the site performs considerably faster.
What are the benefits of a plugin audit?
The primary benefits of running a WordPress plugin audit are improved performance and security.
Most sites will run faster and more stably after a plugin audit. The difference depends on how many plugins are removed, the type of hosting, and the nature of the removed plugins.
Improved security is probably the most important benefit in most cases. If you are using abandoned plugins on your website or not updating the plugins you do use, you are asking for trouble. It's a question of "when" not "if" you will be hacked. It's absolutely imperative that you both remove abandoned plugins and keep your active plugins up-to-date to remain secure.
Outdated plugins are also a liability in the sense that they may stop working with newer versions of WordPress or PHP and bring your site completely offline. Removing these plugins reduces the risk of these sorts of things happening.
Finally: you also have the peace-of-mind of having an uncluttered website once a plugin audit has been performed.
Even if you don't personally do much work on your site yourself, your web developer will thank you!
You may even end up saving money if anyone is charging you hourly to work on your site, because it will take them less time to finish their work.
How often should a plugin audit be performed?
The answer to this question depends on the site in question, how many plugins are in use, and other factors. However, I would generally recommend performing an audit at least once every few years.
Yearly would be ideal; though if your site doesn't get changed much, this may not be totally necessary.
If it's been a while since anyone has gone through all the plugins on your site or if you aren't sure if you need one, use the form below to tell us about your site and how we can help with your plugin audit or answer your questions.
Want to learn more about our WordPress Plugin Audit?
Fill out the form and we'll help!